package edu.friday.utils.security;

import edu.friday.common.constant.HttpStatus;
import edu.friday.common.exception.CustomException;
import edu.friday.common.security.LoginUser;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;

public class SecurityUtils {
    public static String getUsername(){
        try{
            return getLoginUser().getUsername();
        }
        catch (Exception e){
            throw new CustomException("获取用户账户异常", HttpStatus.UNAUTHORIZED);
        }
    }

    public static LoginUser getLoginUser(){
        try{
            return (LoginUser)getAuthentication().getPrincipal();
        }
        catch (Exception e){
            throw new CustomException("获取用户信息异常",HttpStatus.UNAUTHORIZED);
        }
    }

    public static Authentication getAuthentication(){
        return SecurityContextHolder.getContext().getAuthentication();
    }

    public static String encryptPassword(String password){
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        return passwordEncoder.encode(password);
    }

    public static boolean matchesPassword(String rawPassword,String encodedPassword){
        BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
        return passwordEncoder.matches(rawPassword,encodedPassword);
    }

    public static boolean isAdmin(Long userId){
        return userId != null && 1L == userId;
    }
}
